35 pages of spelling done

bug/bundler_fix
h00die 2017-09-08 22:19:55 -04:00
parent 00c593e0a2
commit 0910c482a9
26 changed files with 30 additions and 30 deletions

View File

@ -15,7 +15,7 @@ class MetasploitModule < Msf::Exploit::Remote
This module exploits a vulnerability found in ZPanel's htpasswd module. When
creating .htaccess using the htpasswd module, the username field can be used to
inject system commands, which is passed on to a system() function for executing
the system's htpasswd's command.
the system's htpasswd command.
Please note: In order to use this module, you must have a valid account to login
to ZPanel. An account part of any of the default groups should suffice, such as:

View File

@ -13,7 +13,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Name' => 'CA BrightStor ArcServe Media Service Stack Buffer Overflow',
'Description' => %q{
This exploit targets a stack buffer overflow in the MediaSrv RPC service of CA
BrightStor Arcserve. By sending a specially crafted SUNRPC request, an attacker
BrightStor ARCserve. By sending a specially crafted SUNRPC request, an attacker
can overflow a stack buffer and execute arbitrary code.
},
'Author' => [ 'toto' ],

View File

@ -14,7 +14,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Description' => %q{
This module exploits a vulnerability found in the ActiveX component of Adobe
Flash Player before 11.5.502.149. By supplying a specially crafted swf file
with special regex value, it is possible to trigger an memory corruption, which
with special regex value, it is possible to trigger a memory corruption, which
results in remote code execution under the context of the user, as exploited in
the wild in February 2013. This module has been tested successfully with Adobe
Flash Player 11.5 before 11.5.502.149 on Windows XP SP3 and Windows 7 SP1 before

View File

@ -12,7 +12,7 @@ class MetasploitModule < Msf::Exploit::Remote
super(update_info(info,
'Name' => 'Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory',
'Description' => %q{
This module exploits an unintialized memory vulnerability in Adobe Flash Player. The
This module exploits an uninitialized memory vulnerability in Adobe Flash Player. The
vulnerability occurs in the ByteArray::UncompressViaZlibVariant method, which fails
to initialize allocated memory. When using a correct memory layout this vulnerability
leads to a ByteArray object corruption, which can be abused to access and corrupt memory.

View File

@ -24,7 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote
NOTE: This module uses a similar DEP bypass method to that used within the
adobe_libtiff module. This method is unlikely to work across various
Windows versions due a the hardcoded syscall number.
Windows versions due a hardcoded syscall number.
},
'License' => MSF_LICENSE,
'Author' =>

View File

@ -18,7 +18,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Description' => %q{
This module exploits a flaw in the handling of AOL Instant
Messenger's 'goaway' URI handler. An attacker can execute
arbitrary code by supplying a overly sized buffer as the
arbitrary code by supplying an overly sized buffer as the
'message' parameter. This issue is known to affect AOL Instant
Messenger 5.5.
},

View File

@ -14,7 +14,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Name' => 'Ask.com Toolbar askBar.dll ActiveX Control Buffer Overflow',
'Description' => %q{
This module exploits a stack buffer overflow in Ask.com Toolbar 4.0.2.53.
An attacker may be able to excute arbitrary code by sending an overly
An attacker may be able to execute arbitrary code by sending an overly
long string to the "ShortFormat()" method in askbar.dll.
},
'License' => MSF_LICENSE,

View File

@ -13,7 +13,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Name' => 'BaoFeng Storm mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow',
'Description' => %q{
This module exploits a buffer overflow in BaoFeng's Storm media Player ActiveX
control. Verions of mps.dll including 3.9.4.27 and lower are affected. When passing
control. Versions of mps.dll including 3.9.4.27 and lower are affected. When passing
an overly long string to the method "OnBeforeVideoDownload" an attacker can execute
arbitrary code.
},

View File

@ -26,7 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Description' => %q{
This module allows remote attackers to place arbitrary files on a users file system
by abusing the "DownloadImageFileURL" method in the Black Ice BIImgFrm.ocx ActiveX
Control (BIImgFrm.ocx 12.0.0.0). Code exeuction can be acheived by first uploading the
Control (BIImgFrm.ocx 12.0.0.0). Code execution can be achieved by first uploading the
payload to the remote machine, and then upload another mof file, which enables Windows
Management Instrumentation service to execute the binary. Please note that this module
currently only works for Windows before Vista. Also, a similar issue is reported in

View File

@ -14,7 +14,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Name' => 'CommuniCrypt Mail 1.16 SMTP ActiveX Stack Buffer Overflow',
'Description' => %q{
This module exploits a stack buffer overflow in the ANSMTP.dll/AOSMTP.dll
ActiveX Control provided by CommuniCrypt Mail 1.16. By sending a overly
ActiveX Control provided by CommuniCrypt Mail 1.16. By sending an overly
long string to the "AddAttachments()" method, an attacker may be able to
execute arbitrary code.
},

View File

@ -13,7 +13,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Name' => 'Electronic Arts SnoopyCtrl ActiveX Control Buffer Overflow',
'Description' => %q{
This module exploits a stack buffer overflow in Electronic Arts SnoopyCtrl
ActiveX Control (NPSnpy.dll 1.1.0.36. When sending a overly long
ActiveX Control (NPSnpy.dll 1.1.0.36. When sending an overly long
string to the CheckRequirements() method, an attacker may be able
to execute arbitrary code.
},

View File

@ -13,11 +13,11 @@ class MetasploitModule < Msf::Exploit::Remote
super(update_info(info,
'Name' => "Honeywell Tema Remote Installer ActiveX Remote Code Execution",
'Description' => %q{
This modules exploits a vulnerability found in the Honewell Tema ActiveX Remote
This module exploits a vulnerability found in the Honewell Tema ActiveX Remote
Installer. This ActiveX control can be abused by using the DownloadFromURL()
function to install an arbitrary MSI from a remote location without checking source
authenticity or user notification. This module has been tested successfully with
the Remote Installer ActiveX installed with HoneyWell EBI R410.1 - TEMA 5.3.0 and
the Remote Installer ActiveX installed with Honeywell EBI R410.1 - TEMA 5.3.0 and
Internet Explorer 6, 7 and 8 on Windows XP SP3.
},
'License' => MSF_LICENSE,

View File

@ -30,8 +30,8 @@ class MetasploitModule < Msf::Exploit::Remote
The vulnerability is found in the "RunAndUploadFile" method
where the "OtherFields" parameter with user controlled data
is used to build a "Content-Dispoition" header and attach
contents in a insecure way which allows to overflow a buffer
is used to build a "Content-Disposition" header and attach
contents in an insecure way which allows to overflow a buffer
in the stack.
},
'License' => MSF_LICENSE,

View File

@ -13,7 +13,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Name' => 'Viscom Image Viewer CP Pro 8.0/Gold 6.0 ActiveX Control',
'Description' => %q{
This module exploits a stack based buffer overflow in the Active control file
ImageViewer2.OCX by passing a overly long argument to an insecure TifMergeMultiFiles()
ImageViewer2.OCX by passing an overly long argument to an insecure TifMergeMultiFiles()
method. Exploitation results in code execution with the privileges of the user who
browsed to the exploit page.

View File

@ -29,7 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote
This module exploits a heap overflow found in InduSoft Web Studio <= 61.6.00.00
SP6. The overflow exists in the ISSymbol.ocx, and can be triggered with a long
string argument for the InternationalSeparator() method of the ISSymbol control.
This modules uses the msvcr71.dll form the Java JRE6 to bypass ASLR.
This module uses the msvcr71.dll form the Java JRE6 to bypass ASLR.
},
'License' => MSF_LICENSE,
'Author' =>

View File

@ -13,7 +13,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Name' => 'Quest InTrust Annotation Objects Uninitialized Pointer',
'Description' => %q{
This module exploits an uninitialized variable vulnerability in the
Annotation Objects ActiveX component. The activeX component loads into memory without
Annotation Objects ActiveX component. The ActiveX component loads into memory without
opting into ALSR so this module exploits the vulnerability against windows Vista and
Windows 7 targets. A large heap spray is required to fulfill the requirement that EAX
points to part of the ROP chain in a heap chunk and the calculated call will hit the

View File

@ -17,7 +17,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Name' => 'Sun Java Web Start Double Quote Injection',
'Description' => %q{
This module exploits a flaw in the Web Start component of the Sun Java
Runtime Environment. Parameters intial-heap-size and max-heap-size in a JNLP
Runtime Environment. Parameters initial-heap-size and max-heap-size in a JNLP
file can contain a double quote which is not properly sanitized when creating
the command line for javaw.exe. This allows the injection of the -XXaltjvm
option to load a jvm.dll from a remote UNC path into the java process. Thus

View File

@ -25,7 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote
allows an attacker to execute arbitrary code in the context of an unsuspecting
browser user.
In order for this module to work, it must be ran as root on a server that
In order for this module to work, it must be run as root on a server that
does not serve SMB. Additionally, the target host must have the WebClient
service (WebDAV Mini-Redirector) enabled.
},

View File

@ -14,7 +14,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Description' => %q{
This module exploits a stack buffer overflow in the Altnet Download Manager ActiveX
Control (amd4.dll) bundled with Kazaa Media Desktop 3.2.7.
By sending a overly long string to the "Install()" method, an attacker may be
By sending an overly long string to the "Install()" method, an attacker may be
able to execute arbitrary code.
},
'License' => MSF_LICENSE,

View File

@ -13,7 +13,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Name' => 'Logitech VideoCall ActiveX Control Buffer Overflow',
'Description' => %q{
This module exploits a stack buffer overflow in the Logitech VideoCall ActiveX
Control (wcamxmp.dll 2.0.3470.448). By sending a overly long string to the
Control (wcamxmp.dll 2.0.3470.448). By sending an overly long string to the
"Start()" method, an attacker may be able to execute arbitrary code.
},
'License' => MSF_LICENSE,

View File

@ -13,7 +13,7 @@ class MetasploitModule < Msf::Exploit::Remote
super(update_info(info,
'Name' => 'Macrovision InstallShield Update Service ActiveX Unsafe Method',
'Description' => %q{
This module allows attackers to execute code via an unsafe methods in Macrovision InstallShield 2008.
This module allows attackers to execute code via an unsafe method in Macrovision InstallShield 2008.
},
'License' => MSF_LICENSE,
'Author' => [ 'MC' ],

View File

@ -13,7 +13,7 @@ class MetasploitModule < Msf::Exploit::Remote
super(update_info(info,
'Name' => "McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject Vulnerability",
'Description' => %q{
This modules exploits a vulnerability found in McAfee Virtual Technician's
This module exploits a vulnerability found in McAfee Virtual Technician's
MVTControl. This ActiveX control can be abused by using the GetObject() function
to load additional unsafe classes such as WScript.Shell, therefore allowing remote
code execution under the context of the user.

View File

@ -13,7 +13,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Name' => 'McAfee Visual Trace ActiveX Control Buffer Overflow',
'Description' => %q{
This module exploits a stack buffer overflow in the McAfee Visual Trace 3.25 ActiveX
Control (NeoTraceExplorer.dll 1.0.0.1). By sending a overly long string to the
Control (NeoTraceExplorer.dll 1.0.0.1). By sending an overly long string to the
"TraceTarget()" method, an attacker may be able to execute arbitrary code.
},
'License' => MSF_LICENSE,

View File

@ -13,8 +13,8 @@ class MetasploitModule < Msf::Exploit::Remote
super(update_info(info,
'Name' => 'Firefox onreadystatechange Event DocumentViewerImpl Use After Free',
'Description' => %q{
This module exploits a vulnerability found on Firefox 17.0.6, specifically an use
after free of a DocumentViewerImpl object, triggered via an specially crafted web
This module exploits a vulnerability found on Firefox 17.0.6, specifically a use
after free of a DocumentViewerImpl object, triggered via a specially crafted web
page using onreadystatechange events and the window.stop() API, as exploited in the
wild on 2013 August to target Tor Browser users.
},

View File

@ -21,7 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote
super(update_info(info,
'Name' => 'Mozilla Firefox 3.6.16 mChannel Use-After-Free Vulnerability',
'Description' => %q{
This module exploits an use after free vulnerability in Mozilla
This module exploits a use after free vulnerability in Mozilla
Firefox 3.6.16. An OBJECT Element mChannel can be freed via the
OnChannelRedirect method of the nsIChannelEventSink Interface. mChannel
becomes a dangling pointer and can be reused when setting the OBJECTs

View File

@ -14,7 +14,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Description' => %q{
This module exploits a vulnerability found in Mozilla Firefox 3.6. When an
array object is configured with a large length value, the reduceRight() method
may cause an invalid index being used, allowing abitrary remote code execution.
may cause an invalid index being used, allowing arbitrary remote code execution.
Please note that the exploit requires a longer amount of time (compare to a
typical browser exploit) in order to gain control of the machine.
},